Active Exploitation of Multiple Vulnerabilities in ConnectWise ScreenConnect Software

Published on 26 Feb 2024

ConnectWise has released security updates addressing multiple vulnerabilities (CVE-2024-1708 and CVE-2024-1709) affecting their ScreenConnect software. The vulnerabilities are reportedly being actively exploited.

The vulnerabilities are:

CVE-2024-1708: A path-traversal vulnerability that may allow an attacker to perform remote code execution and directly compromise sensitive data and/or critical systems.

CVE-2024-1709: A critical authentication bypass vulnerability that may allow an unauthorised attacker to gain access to sensitive information and/or critical systems. This vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 10 out of 10.

The vulnerabilities affect ConnectWise ScreenConnect versions 23.9.7 and prior.

Users and administrators of the affected product versions are advised to update to the latest versions immediately.

More information is available here:

https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

https://www.bleepingcomputer.com/news/security/screenconnect-critical-bug-now-under-attack-as-exploit-code-emerges/

https://nvd.nist.gov/vuln/detail/CVE-2024-1708

https://nvd.nist.gov/vuln/detail/CVE-2024-1709